Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

infected pc (with a trojan?)[RESOLVED]

miekiemoes

Posted 23 May 2005 - 12:08 PM

miekiemoes

Malware Expert

Member

5,503 posts

Hello,

You have been installing new spyware again! Kazaa I suppose.Kazaa installs spyware which is now present on your system. That has to go.Look here for better P2P programs: http://www.spywarein...m/articles/p2p/(you'll find there the ones that are infected and not infected with spyware)

* Please set your system to show all files; please see here if you're unsure how to do this.

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:

* Reboot into Safe Mode`: ( without networking support !)°To get into the Safe mode as the computer is booting press and hold your "F8 Key". Use your arrow keys to move to "Safe Mode" and press your Enter key.

* Using Windows Explorer, locate the following folders, and delete them:

PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, THERE MIGHT BE LEGIT FILES LISTED AND PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE. Files Found in system Folder............ ------------------------C:\WINDOWS\system32\dfrg.msc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAwGpEc213C:\WINDOWS\system32\dfrg.msc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAwGpEc213

Files Found in all users startup Folder............ ------------------------Files Found in all users windows Folder............ ------------------------Finishedbye

Reboot afterwards and try to change it again.If that still doesn't work, tell me exactly what error you get or what exactly you can't recover -- (can you click desktoptab, can you rightclick desktop etc..)

nijnijn

Posted 25 May 2005 - 11:45 AM

nijnijn

Member

Topic Starter

Member

25 posts

Hmm, now it worked. I downloaded "smitfraude" already once the previous time, but saved it under my documents, now i saved it at my desktop. Then i found, as the previous time, a file "security" at webtab and deleted it again. I hope it stays away now. So everything seems ok.
The only thing that's not so good is a message when i log in at my account saying "Runner error. Runner file name (LogitechDesktopMessanger.exe) lacks a '-' (the app id seperator)" How can I fix this?

And if that didn't work, just uninstall it and reďnstall it again. Or don't even install it again afterwards if you're not using it. Because I know that logitech desktop messenger is responsible for system slowdowns.

miekiemoes

Posted 30 May 2005 - 12:38 AM

To keep this clean in the future, I would suggest the following things:

First install an antivirus and firewall, because you really need it!

AVG, Bitdefender OR Avast are good FREE antivirus.Never install more than one antivirusscanner or firewall on your system! Several together can give problems and decreases the reliability of it seriously!Zonealarm, Kerio OR Sygate are FREE firewalls.

Install SpywareblasterSpywareBlaster doesn`t scan and clean for so-called spyware, but prevents it from being installed in the first place. It blocks the popular spyware ActiveX controls, and also prevents the installation of any of them via a webpage.

And I do suggest you perform an online virusscan once in a while. (Kaspersky online and/or Bitdefender). Because what one virusscanner can't find another one maybe can.Also make sure that your virusscanner, the one that is installed on your system is always up to date!